From Infrastructure as Code to Policy as Code

 September 30, 2022

I still remember when 15 years ago, the topic of Infrastructure as Code was beginning to be discussed. At the time, the majority of tools we know and use for Infrastructure as Code did not exist. Some people and companies realized the need for such a paradigm, while many others were skeptical or against it.

In the last few months, I had a kind of a Deja Vu when I started to have conversations with some stakeholders around Policy as Code, or as someone prefers to call it, Compliance as Code. The idea behind Policy as Code is that if it was possible to write policies in a language that is both easily readable by a human and a computer, we could better govern IT. Policy as Code is not a new concept by itself. In fact, in Infrastructure as Code software such as Ansible, it is possible to create a Playbook to assess if a system is in the expected state. The problem, though, is that a Playbook written with Ansible with this scope is not always evident if read by people that are not highly trained on the topic.